The vulnerability of the deserialization function in Java software for creating reports for deployed Cisco Security Manager devices allows a attacker to execute arbitrary commands.

The vulnerability of the deserialization function in Java software for creating reports for deployed Cisco Security Manager devices exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands remotely...